This is an automated email from the ASF dual-hosted git repository.
sebb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/whimsy.git
The following commit(s) were added to refs/heads/master by this push:
new ee9364df Resynch with latest
ee9364df is described below
commit ee9364df1e96fae75f2a58c93ea4abc35a6b9307
Author: Sebb <[email protected]>
AuthorDate: Tue Jan 2 17:31:08 2024 +0000
Resynch with latest
---
docker-config/whimsy.conf | 230 ++++++++++++++++++++++++----------------------
1 file changed, 120 insertions(+), 110 deletions(-)
diff --git a/docker-config/whimsy.conf b/docker-config/whimsy.conf
index feb65a19..e62e6b93 100644
--- a/docker-config/whimsy.conf
+++ b/docker-config/whimsy.conf
@@ -13,33 +13,6 @@
## Vhost docroot
DocumentRoot "/srv/whimsy/www"
- # Redirect all request to a 503 return code when in maintenance mode
- ErrorDocument 503 /503.html
-
- RewriteEngine on
- # Allow access to error pages
- RewriteCond %{REQUEST_URI} !^/\d\d\d.html$
- # Allow access to assets
- RewriteCond %{REQUEST_URI} !^/assets/
- RewriteCond %{REQUEST_URI} !^/icons/
- RewriteCond %{REQUEST_URI} !=/whimsy.svg
- RewriteCond %{REQUEST_URI} !=/favicon.ico
- # Allow access to JSON files
- RewriteCond %{REQUEST_URI} !^/public$
- RewriteCond %{REQUEST_URI} !^/public/
- # Access to linked docs
- RewriteCond %{REQUEST_URI} !=/test/dataflow.cgi
- RewriteCond %{REQUEST_URI} !=/test/dataflow.json
- # Don't redirect 503 page!
- RewriteCond %{REQUEST_URI} !=/503.html
- RewriteCond %{REQUEST_URI} !=/maintenance.txt
- RewriteCond /srv/whimsy/www/maintenance.txt -f
- RewriteRule ^ - [R=503,L]
-
- # Redirect away from the maintenance page if not in maintenance mode
- RewriteCond /srv/whimsy/www/maintenance.txt !-f
- RewriteRule ^/503.html$ / [R,L]
-
## Directories, there should at least be a declaration for /srv/whimsy/www
<Directory "/srv/whimsy/www">
@@ -54,7 +27,6 @@
CustomLog "/var/log/apache2/whimsy_access.log" combined
## Server aliases
- ## ServerAlias whimsy6.apache.org
## ServerAlias whimsy.apache.org
## Custom fragment
@@ -63,6 +35,8 @@
PassengerFriendlyErrorPages on
+AddCharset UTF-8 .json
+
# Needed for Git to be able to find .gitconfig
SetEnv HOME /var/www
@@ -70,8 +44,6 @@ SetEnv HOME /var/www
SetEnv LANG C.UTF-8
SetEnv LC_ALL C.UTF-8
-AddCharset UTF-8 .json
-
ExpiresActive On
<Directory /srv/whimsy/www/>
AddHandler cgi-script .cgi
@@ -97,6 +69,16 @@ ExpiresActive On
<Directory /srv/whimsy/www/logs>
Options +Indexes
+ AuthType Basic
+ AuthName "ASF Members"
+ AuthBasicProvider ldap
+ AuthLDAPUrl "ldaps://<%= ldaphosts%>/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPBindDN <%= ldapbinddn%>
+ AuthLDAPBindPassword "<%= ldapbindpw%>"
+ AuthLDAPGroupAttribute memberUid
+ AuthLDAPGroupAttributeIsDN off
+ AuthLDAPMaxSubGroupDepth 0
+ Require ldap-group cn=member,ou=groups,dc=apache,dc=org
</Directory>
<Directory /srv/whimsy/www/members/log>
@@ -108,6 +90,10 @@ ExpiresActive On
AllowOverride FileInfo
</Directory>
+<Directory /srv/whimsy/www/test/public>
+ Require all granted
+</Directory>
+
RewriteEngine on
RewriteRule ^.*$ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
@@ -126,6 +112,47 @@ ErrorDocument 401 /401.html
ErrorDocument 404 /404.html
ErrorDocument 500 /500.html
+#++ Maintenance page setup
+
+# To enable maintenance mode, create the file
+# /srv/whimsy/www/maintenance.txt
+# This should ideally contain brief details of the maintenance outage
+# as the file is linked from the 503 page.
+# However an empty file will work
+# To end maintenance, remove the file.
+
+# Redirect all requests to a 503 return code when in maintenance mode
+ErrorDocument 503 /503.html
+
+RewriteEngine on
+
+# Check the marker file first
+RewriteCond /srv/whimsy/www/maintenance.txt -f
+
+# Allow access to error pages
+RewriteCond %{REQUEST_URI} !^/\d\d\d.html$
+# Allow access to assets
+RewriteCond %{REQUEST_URI} !^/assets/
+RewriteCond %{REQUEST_URI} !^/icons/
+RewriteCond %{REQUEST_URI} !=/whimsy.svg
+RewriteCond %{REQUEST_URI} !=/favicon.ico
+# Allow access to JSON files
+RewriteCond %{REQUEST_URI} !^/public$
+RewriteCond %{REQUEST_URI} !^/public/
+# Access to linked docs
+RewriteCond %{REQUEST_URI} !=/test/dataflow.cgi
+RewriteCond %{REQUEST_URI} !=/test/dataflow.json
+# Don't redirect 503 page!
+RewriteCond %{REQUEST_URI} !=/503.html
+RewriteCond %{REQUEST_URI} !=/maintenance.txt
+RewriteRule ^ - [R=503,L]
+
+# Redirect away from the maintenance page if not in maintenance mode
+RewriteCond /srv/whimsy/www/maintenance.txt !-f
+RewriteRule ^/503.html$ / [R,L]
+
+#-- Maintenance page setup
+
Alias /board/agenda/ /srv/whimsy/www/board/agenda/public
<Location /board/agenda>
@@ -228,86 +255,6 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public
Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
</Directory>
-<Directory /srv/whimsy/www/test/roster>
- AuthType Basic
- AuthName "ASF Committers"
- AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://<%= ldaphosts%>/ou=people,dc=apache,dc=org?uid"
- AuthLDAPBindDN <%= ldapbinddn%>
- AuthLDAPBindPassword "<%= ldapbindpw%>"
- AuthLDAPGroupAttribute member
- AuthLDAPGroupAttributeIsDN on
- AuthLDAPMaxSubGroupDepth 0
- Require ldap-group cn=committers,ou=role,ou=groups,dc=apache,dc=org
-</Directory>
-
-<Directory /srv/whimsy/www/test/public>
- Require all granted
-</Directory>
-
-<Directory /srv/whimsy/www/test/committer>
- AuthType Basic
- AuthName "ASF committer"
- AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://<%= ldaphosts%>/ou=people,dc=apache,dc=org?uid"
- AuthLDAPBindDN <%= ldapbinddn%>
- AuthLDAPBindPassword "<%= ldapbindpw%>"
- Require ldap-alias-committer
-</Directory>
-
-<Directory /srv/whimsy/www/test/member>
- AuthType Basic
- AuthName "ASF Members"
- AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://<%= ldaphosts%>/ou=people,dc=apache,dc=org?uid"
- AuthLDAPBindDN <%= ldapbinddn%>
- AuthLDAPBindPassword "<%= ldapbindpw%>"
- Require ldap-alias-member
-</Directory>
-
-<Directory /srv/whimsy/www/test/incubator>
- AuthType Basic
- AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://<%= ldaphosts%>/ou=people,dc=apache,dc=org?uid"
- AuthLDAPBindDN <%= ldapbinddn%>
- AuthLDAPBindPassword "<%= ldapbindpw%>"
- AuthName "Incubator PMC"
- Require ldap-alias-incubator-pmc
-</Directory>
-
-<Directory /srv/whimsy/www/test/member-incubator>
- AuthType Basic
- AuthName "ASF Members and Incubator PMC"
- AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://<%= ldaphosts%>/ou=people,dc=apache,dc=org?uid"
- AuthLDAPBindDN <%= ldapbinddn%>
- AuthLDAPBindPassword "<%= ldapbindpw%>"
- <RequireAny>
- Require ldap-alias-member
- Require ldap-alias-incubator-pmc
- </RequireAny>
-</Directory>
-
-<Directory /srv/whimsy/www/test/pmc-chair>
- AuthType Basic
- AuthName "ASF PMC Chairs"
- AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://<%= ldaphosts%>/ou=people,dc=apache,dc=org?uid"
- AuthLDAPBindDN <%= ldapbinddn%>
- AuthLDAPBindPassword "<%= ldapbindpw%>"
- Require ldap-alias-pmc-chair
-</Directory>
-
-<Directory /srv/whimsy/www/test/secretary>
- AuthType Basic
- AuthName "ASF secretarial team"
- AuthBasicProvider ldap
- AuthLDAPUrl "ldaps://<%= ldaphosts%>/ou=people,dc=apache,dc=org?uid"
- AuthLDAPBindDN <%= ldapbinddn%>
- AuthLDAPBindPassword "<%= ldapbindpw%>"
- Require ldap-alias-secretary
-</Directory>
-
<LocationMatch ^/incubator/moderators>
AuthType Basic
AuthName "ASF Members and Incubator PMC"
@@ -477,6 +424,69 @@ Alias /project/icla/ /srv/whimsy/www/project/icla/public
</RequireAny>
</LocationMatch>
+<Directory /srv/whimsy/www/test/committer>
+ AuthType Basic
+ AuthName "ASF Committer"
+ AuthBasicProvider ldap
+ AuthLDAPUrl "ldaps://<%= ldaphosts%>/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPBindDN <%= ldapbinddn%>
+ AuthLDAPBindPassword "<%= ldapbindpw%>"
+ Require ldap-alias-committer
+</Directory>
+
+<Directory /srv/whimsy/www/test/member>
+ AuthType Basic
+ AuthName "ASF Member"
+ AuthBasicProvider ldap
+ AuthLDAPUrl "ldaps://<%= ldaphosts%>/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPBindDN <%= ldapbinddn%>
+ AuthLDAPBindPassword "<%= ldapbindpw%>"
+ Require ldap-alias-member
+</Directory>
+
+<Directory /srv/whimsy/www/test/incubator>
+ AuthType Basic
+ AuthName "Incubator PMC"
+ AuthBasicProvider ldap
+ AuthLDAPUrl "ldaps://<%= ldaphosts%>/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPBindDN <%= ldapbinddn%>
+ AuthLDAPBindPassword "<%= ldapbindpw%>"
+ Require ldap-alias-incubator-pmc
+</Directory>
+
+<Directory /srv/whimsy/www/test/member-incubator>
+ AuthType Basic
+ AuthName "ASF Members and Incubator PMC"
+ AuthBasicProvider ldap
+ AuthLDAPUrl "ldaps://<%= ldaphosts%>/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPBindDN <%= ldapbinddn%>
+ AuthLDAPBindPassword "<%= ldapbindpw%>"
+ <RequireAny>
+ Require ldap-alias-member
+ Require ldap-alias-incubator-pmc
+ </RequireAny>
+</Directory>
+
+<Directory /srv/whimsy/www/test/pmc-chair>
+ AuthType Basic
+ AuthName "PMC Chair"
+ AuthBasicProvider ldap
+ AuthLDAPUrl "ldaps://<%= ldaphosts%>/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPBindDN <%= ldapbinddn%>
+ AuthLDAPBindPassword "<%= ldapbindpw%>"
+ Require ldap-alias-pmc-chair
+</Directory>
+
+<Directory /srv/whimsy/www/test/secretary>
+ AuthType Basic
+ AuthName "Secretary"
+ AuthBasicProvider ldap
+ AuthLDAPUrl "ldaps://<%= ldaphosts%>/ou=people,dc=apache,dc=org?uid"
+ AuthLDAPBindDN <%= ldapbinddn%>
+ AuthLDAPBindPassword "<%= ldapbindpw%>"
+ Require ldap-alias-secretary
+</Directory>
+
# Needs libapache2-mod-svn to be installed
# These are separate repos, as per the real ones
<Location /repos/asf>
